Cybercrime unit also arrests teenager in connection with cyber-attacks that prevented access to government Covid-19 advice

Dutch police say they have shuttered 15 distributed denial-of-service (DDoS) platforms and arrested a citizen in connection with DDoS attacks against two government websites.

DDoS-for-hire services – also known as ‘DDoS stressors’ or ‘booters’ – sell access to botnets comprising mostly compromised machines that serve as launchpads for DDoS assaults.

Attackers don’t need coding or hacking skills in order to successfully use such services.

“By taking booters and their domain names offline, we make it difficult for cybercriminals,” said Jeroen Niessen, head of the Central Netherlands Police cybercrime unit that led the operation, in translated comments from a press release published on April 10.

He added that authorities were ready to shut down the services again, should they reemerge under different domain names.

“Our goal is to seize more and more booters,” Niessen said.

Double Dutch attack

The police arrested a 19-year-old citizen on April 10 for allegedly carrying out DDoS attacks against government domains MijnOverheid.nl and Overheid.nl on March 19.

Dutch police said both sites were subsequently unavailable for several hours, disrupting citizens’ access to vital information about public services and Covid-19, which has so far claimed approaching 3,000 deaths in the country.

Overheid.nl provides information about government services and has been a prime source of coronavirus-related updates and links to other authoritative sources on the virus for Dutch citizens during the pandemic.

MijnOverheid.nl provides government updates on services like tax returns, child benefit payments, and passport renewals.

Web hosting platforms took down the booter websites at the request of the police.

“By flattening a website like this, you are denying citizens access to their personal data and important government information,” said Niessen, who added that the crime was made more egregious given citizens’ ongoing concerns surrounding the coronavirus pandemic.

He also observed that offenders – many of whom were young people doing it for a “kick, out of boredom or as a challenge” – often recognize neither the criminality nor the consequences for victims of their actions.

“Moreover, they do not realize that the police are able to find them and that they are facing a penalty and a substantial claim for damages.”

DDoS mitigations

Dutch police have urged organizations to put in place DDoS mitigation measures, including using strong passwords and virus scanners to prevent machines being corralled into botnets used for DDoS attacks, as well as regularly backing up critical files.

They have also advised victims to immediately report DDoS attacks to the police and refrain from paying cybercriminals in order to restore machines or websites to normal operation.

The DDoS-for-hire takedowns are the latest in a string of cybercrime scalps claimed by the Dutch police.

With the help of Google, the FBI, and The UK’s National Crime Agency, authorities in the Netherlands brought down another 15 DDoS boosters in December 2018 – leading to an 11% reduction in the number of DDoS attacks worldwide in the fourth quarter of the year.

In April 2019, another agency with which the Dutch police regularly collaborates, Europol, took down Webstresser.org, then the world’s largest marketplace for DDoS attacks.

The Daily Swig has contacted the Dutch police for comment.


READ MORE Inside J-CAT – Europol’s Joint Cybercrime Action Taskforce